uima-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marshall Schor (JIRA)" <uima-...@incubator.apache.org>
Subject [jira] Created: (UIMA-1101) Make our public KEYS available for auto-checkers run by Apache infrastructure
Date Tue, 01 Jul 2008 11:55:45 GMT
Make our public KEYS available for auto-checkers run by Apache infrastructure
-----------------------------------------------------------------------------

                 Key: UIMA-1101
                 URL: https://issues.apache.org/jira/browse/UIMA-1101
             Project: UIMA
          Issue Type: Task
          Components: Build, Packaging and Test
            Reporter: Marshall Schor
            Priority: Minor


The KEYS file is used by an automated process to verify proper signing of all artifacts put
in Maven repositories - see http://people.apache.org/~henkp/repo/faq.html. That FAQ says about
the keys:

The checker looks for keys in the KEYS file in the maven repo and www.apache.org/dist/

    * If you key is missing, you should add your public pgp key to an appropriate KEYS file.

    * Also, make your public pgp key available in file .pgpkey in your home directory /home/your-username/
      on people.apache.org ; make sure the checker can read it : chmod +r .pgpkey
    * Look at /home/henkp/.pgpkey for an example.
    * Never, never store your private pgp key on people.apache.org 

The KEYS files seems (on inspection) rarely put into the Maven repository - so I think we
should skip that part.  The file that most likely really needs updating is the one or www.apache.org/dist
- it's missing the recent upates that were done in our SVN keys file.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message